Hackers don’t just prey on the big boys, warns expert

A HI-TECH security expert has warned Oxfordshire entrepreneurs after the cyber attack on online auction house eBay.

James Lyne, global head of security research at Sophos, said bosses should not believe they are too small to be targeted by online criminals — he believed the opposite was true.

Mr Lyne said: “It’s an interesting misconception among SMEs that cyber criminals and hackers go only after large corporations. But that assumption is flat-out wrong.

“One per cent of cyber crime focuses on organisations with huge data and high profit, such as eBay or nation states hacking each other. But the other 99 per cent goes towards consumers and SMEs because they don’t have the same defences.”

Mr Lyne, who used a bicycle to tour the UK, San Francisco, Las Vegas and Vietnamese capital Hanoi with a laptop to detect badly secured wifi systems, claims it is fairly easy to break into wifi networks, even if they are password-protected.

He added: “Bleeding small amounts from lots of very small organisations is far more easily done and is not much risk. And when these firms report it to the police, there are too many cases and the pound value of theft is too low for it to be taken hugely seriously.”

Last week, eBay revealed up to 145 million accounts had been hacked globally. Although eBay bosses insisted no financial information was accessed, they urged users to change their passwords amid fears of details being used for identity fraud.

In its security threat report, Sophos said cyber criminals are becoming smarter and more aggressive.

Not only are they good at masking their identity, they are also better at hiding in the ‘darknet’ — areas of the Internet designed to dodge surveillance.

And our increasing use of mobile devices gives criminals more scope.

Security experts have unmasked 650,000 pieces of malware for Android smartphones and believe there are many more not yet detected.

Statistics from the Department for Business, Innovation and Skills said a cyber attack can cost an SME six per cent of its turnover. It also found 87 per cent of SMEs and 93 per cent of firms with more than 250 staff experienced a security breech between 2012-13.

Sophos said it finds more than 30,000 newly infected websites distributing malware every day, and 80 per cent of these belong to legitimate small businesses which have been hacked.

Edward Williams, managing director of Oxford-based OFEC Consulting, which develops websites, said: “If you are using a recognised system such as Word Press and are updating both the system and the server regularly, there should not be a problem.

Comments

Myron Blatz
12:14am Fri 30 May 14

Why the surprise? Things have never been the same since we all started using bank and credit cards, and proceeded ever-faster down the finance and retail helter-skelter - and next time you use your plastic in your local supermarket, don't be amazed at how quick your bank lets you buy the groceries, but how quickly cyber-thieves could steal your money and your identity.

Why the surprise? Things have never been the same since we all started using bank and credit cards, and proceeded ever-faster down the finance and retail helter-skelter - and next time you use your plastic in your local supermarket, don't be amazed at how quick your bank lets you buy the groceries, but how quickly cyber-thieves could steal your money and your identity.Myron Blatz

Why the surprise? Things have never been the same since we all started using bank and credit cards, and proceeded ever-faster down the finance and retail helter-skelter - and next time you use your plastic in your local supermarket, don't be amazed at how quick your bank lets you buy the groceries, but how quickly cyber-thieves could steal your money and your identity.

Score: 0

Adrian1
12:47pm Fri 30 May 14

The 'small' target goes all the way down to you and me. At home we field as many as 3 phone calls a day from India/Pakistan from the 'Microsoft corporation' or some unheard of anti virus firm telling us we have a problem with our computer. Great annoyance as they are I keep them on the line as long as possible so they bother fewer less savvy people. Thanks all those firms who outsourced your call centres to these places, your ex contractors (or maybe existing?) now bother us on a regular basis with your customer lists following varying abilities at ettiquiette, and of course the local constabulary can do nothing.

The 'small' target goes all the way down to you and me. At home we field as many as 3 phone calls a day from India/Pakistan from the 'Microsoft corporation' or some unheard of anti virus firm telling us we have a problem with our computer. Great annoyance as they are I keep them on the line as long as possible so they bother fewer less savvy people. Thanks all those firms who outsourced your call centres to these places, your ex contractors (or maybe existing?) now bother us on a regular basis with your customer lists following varying abilities at ettiquiette, and of course the local constabulary can do nothing.Adrian1

The 'small' target goes all the way down to you and me. At home we field as many as 3 phone calls a day from India/Pakistan from the 'Microsoft corporation' or some unheard of anti virus firm telling us we have a problem with our computer. Great annoyance as they are I keep them on the line as long as possible so they bother fewer less savvy people. Thanks all those firms who outsourced your call centres to these places, your ex contractors (or maybe existing?) now bother us on a regular basis with your customer lists following varying abilities at ettiquiette, and of course the local constabulary can do nothing.

Score: 0

OFECinHell
2:40pm Thu 19 Jun 14

Ha, this is rich coming from OFEC as we had a website with them that got hacked twice and the victim of Malware once so three incidents of security breaches within 10 months. People do think about it but OFEC simply don't give a S&%*, it was their server that got hacked and they blamed us for everything. Their primary developer lives in Volgograd in Russia so I doubt very much they take security very seriously based on this fact alone.

Ha, this is rich coming from OFEC as we had a website with them that got hacked twice and the victim of Malware once so three incidents of security breaches within 10 months. People do think about it but OFEC simply don't give a S&%*, it was their server that got hacked and they blamed us for everything. Their primary developer lives in Volgograd in Russia so I doubt very much they take security very seriously based on this fact alone.OFECinHell

Ha, this is rich coming from OFEC as we had a website with them that got hacked twice and the victim of Malware once so three incidents of security breaches within 10 months. People do think about it but OFEC simply don't give a S&%*, it was their server that got hacked and they blamed us for everything. Their primary developer lives in Volgograd in Russia so I doubt very much they take security very seriously based on this fact alone.

Ipsoregulated

This website and associated newspapers adhere to the Independent Press Standards Organisation's Editors' Code of Practice. If you have a complaint about the editorial content which relates to inaccuracy or intrusion, then please contact the editor here. If you are dissatisfied with the response provided you can contact IPSO here